<?php
require 'checkPrivileges.php';
$var = $_GET['image'];
$finfo = finfo_open(FILEINFO_MIME_TYPE);
if ($_GET['size']=="thumb") {
    $file = '/home/FER/mg44268/public_html/thumbs/' . $var; 
}
else {
$file = '/home/FER/mg44268/public_html/pictures/' . $var; 
}
if (checkImage($_GET['image'])) {
    header('Content-Type: image/jpeg');
    header('Content-Length: ' . filesize($file));
    readfile($file);
    finfo_close($finfo);
}
exit;

function checkImage($image){
    if (!preg_match('/[a-z0-9]/i', $image)) {
        return false;;
    }
    if (!file_exists('/home/FER/mg44268/public_html/pictures/' . $image)) {
        return false;
    }
    return true;
}
?>
